Electronic documents are increasingly relied upon to operate businesses and governments. In particular, email has become one of, if not the most, relied upon day to day communication media for running many businesses and government functions.
For a variety of business and legal requirements, it is desired by organizations to appropriately maintain copies of electronic copies of documents, such as emails, for various periods of time. It is also desired to be able to “prove” the existence of electronic documents and their date of creation, modification, etc.
Previous attempts to maintain copies of electronic documents have principally comprised the production of archive copies of the electronic documents which are stored in a safe location, however such archiving activities suffer from a number of disadvantages. For example, even small organizations produce large numbers of emails every day and archives of email communications can quickly grow to massive sizes. Accordingly, the processing to create, maintain and, in the event it is desired to retrieve a document from an archive, search such archives can quickly overwhelm an organization's computer resources.
Further, such archives must be stored in a safe location, which typically requires the delivery, and often a physical delivery, of media containing the archive to the safe location, with the related risks of loss or copying of the archive in transit, providing proper controls to limit access to the archive, etc. and the associated delays in gaining access to the archive, should access be required for legitimate purposes.
Also, in the event that it is desired or necessary (perhaps for legal evidentiary purposes) to prove the date an electronic document was created and/or to prove that it has not been modified, it can be difficult or impossible for an organization to prove that its archives are correct and unmodified. Finally, such archives of electronic documents do not implement the document retention policies of many businesses and/or governments, with documents in such archives being retained for the life of the archive.
To address some of these issues, third party services have been proposed wherein the organization's archive is stored by a third party. The third party can be equipped to deal with the computational and logistical expenses of maintaining the organization's archives, thus freeing computer resources of the organization and, the involvement of such a third party can assist in establishing the evidentiary status of an electronic document as the third party should be able to evidence when an archive was received and/or whether it has since been modified.
However, problems exist with existing third party service schemes in that, to provide any service other than just a storage facility, the third party must be trusted. If the third party is not trusted, then an organization must either encrypt all of its archives before they are passed to the third party, or take the risk that unauthorized use will be made of its archives or that the archives can be modified by the third party. Even if the organization is willing to accept the risk of access by the third party, despite the possibility of corporate espionage or other risks, under many regulatory regimes an organization is not permitted to assume such a risk due to privacy laws, securities laws and other statutory regulations.
If the organization's archives are encrypted before being sent to the third party, which is therefore generally required, the organization cannot search for and/or retrieve copies of individual electronic documents from the archives stored at the third party. To search the archive, a copy of the entire encrypted archive must be returned to the organization (in some appropriately secure manner), the archive then being decrypted by the organization and searched to identify and/or retrieve a desired copy of an electronic document. If it is necessary to evidence the provenance of a document, it will likely be necessary for the organization to cause the third party to provide a copy of the encrypted archive, along with evidence that the archive is unaltered and has been in the care of the third party for a stated time period, and the necessary decryption key provided to a trusted authority who can then perform the decryption and retrieval again to verify the provenance of the document.
Clearly, such a system suffers from a variety of disadvantages especially if the number of archives to be searched is large and in the requirement to provide complete copies of the encrypted archives and the decryption keys to the trusted authority. Further, there still remains some difficulty in proving that the archive was not altered and was stored with the third party for the stated time period. Also, such a system prevents the organization from easily implementing a document retention policy for its electronic documents.
While such systems might be workable for meeting regulatory or legal requirements, they are onerous and/or expensive for an organization which merely needs to locate an archived document for internal purposes and/or for an organization which may have to fulfill many requests for archived material.